Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tox, a Skype Replacement Built On 'Privacy First'

Posted by Soulskill on from the pet-rock-also-built-on-privacy-first dept.

An anonymous reader writes: Rumors of back door access to Skype have plagued the communication software for the better part of a decade. Even if it's not true, Skype is owned by Microsoft, which is beholden to data requests from law enforcement. Because of these issues, a group of developers started work on Tox, which aims to rebuild the functionality of Skype with an emphasis on privacy. "The main thing the Tox team is trying to do, besides provide encryption, is create a tool that requires no central servers whatsoever—not even ones that you would host yourself. It relies on the same technology that BitTorrent uses to provide direct connections between users, so there's no central hub to snoop on or take down."

2 of 174 comments (clear)

  1. Re:Back door by AHuxley · · Score: 4, Interesting

    AC the backdoor aspect is both national and international
    "FBI Wants Backdoors in Facebook, Skype and Instant Messaging"
    http://www.wired.com/2012/05/f...
    ".... drafted by the FBI, that would require social-networking sites and VoIP, instant messaging and e-mail providers to alter their code to make their products wiretap-friendly."
    Then the world was given more details "Encrypted or not, Skype communications prove Ãoevitalà to NSA surveillance" May 14 2014
    http://arstechnica.com/securit...
    As for the "nobody on the inside has ever leaked out." aspect try http://cryptome.org/2013-info/...
    The "inside" can now be understood by aspects like "Drug Agents Use Vast Phone Trove, Eclipsing N.S.A.Ã(TM)s"
    http://www.nytimes.com/2013/09...
    ..."employees sit alongside Drug Enforcement Administration agents and local detectives and supply them with the phone data from as far back as 1987."
    How past "parallel construction" and telco support will respond to any new "peer-to-peer and voice calling" will be interesting.
    How did the US and UK get to past bespoke crypto telco hardware in the 1950's and beyond? Plain text always seemed to emerge just in time.

    --
    Domestic spying is now "Benign Information Gathering"
  2. Re:Key exchange by BitterOak · · Score: 4, Interesting

    And how do you exchange key? Do they plan a web of trust à la GPG?

    A better approach would be to generate a random session key and each user's client would display some sort of hash (it doesn't need to be really long: 6 or 8 digits would suffice) of that key. Assuming the two parties know each other and recognize each other's voice and/or face, one of them can read the hash to the other. If there's a MITM attack, they won't match. As I said, the hash doesn't need to be long, since one mismatch would indicate trouble.

    --
    If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?